The platform enables users to pay for items using several Apple mobile devices, including the newly released iPad Air 2 and iPad Mini 3, both of which now feature Touch ID, a built-in biometric fingerprint scanner. The new tablets, available for pre-order on Oct. 17, will be widely available starting next week.

During an Oct. 16 presentation, Apple CEO Tim Cook confirmed that another 500 banks have signed on to support Apple Pay. "They will be rolling out support later this year and early next year," he says.

When Apple unveiled the Apple Pay concept last month, it confirmed the payments platform will work with the three major payment networks - American Express, MasterCard and Visa (see: Apple Launches Payments Platform). In addition, it said the top bank card issuers that handle 83 percent of the credit card purchase volume had signed up to support the technology. Those include Bank of America, Wells Fargo and JPMorgan Chase, plus eight other financial institutions.

More than 220,000 merchant locations are ready to accept payments using the new technology, Apple says. Companies on board with Apple Pay so far include Target Corp., Starbucks, Disney and Staples, to name a few.

Along with the new iPads, Apple Pay works with the new iPhone 6 and iPhone 6 Plus, released in recent weeks, and new wearable technology known as Apple Watch, slated to debut early 2015. Apple Pay will also work with iPhone 5, 5C and 5s when paired with Apple Watch.

How It Works

Apple's new system is designed to work with contactless payment terminals that use near-field communication technology (see: Apple Pay: How Will It Work?).

To use Apple Pay, a user must first add a card to the Passbook app. This can be done by importing any card that's already registered with iTunes and re-entering the card's security code. Or users can enter new card data, either by capturing it via the built-in camera or typing it in.

For every card added, a dedicated chip inside the iPhone - called the Secure Element - assigns, encrypts and stores a unique Device Account Number. So the real card number is not stored nor transmitted. Instead, the Device Account Number gets sent through the POS device and payment network when a user taps their fingerprint to authorize the transaction, then taps their iPhone against an NFC-compatible terminal.

With the new iPad Air 2 and iPad mini 3, users can make purchases within applications on their devices using Apple Pay, the company says.

To take a look at the components behind Apple's new payment system, the security features, and how to put them to use, see our Guide to Apple Pay Infographic.

Impact on Payments

While it's still early to know what the long-term implications of Apple Pay will be, "it's a huge leap over our current system in the U.S. and could significantly reduce the number of retail [point-of-sale] attacks we're seeing," says Satnam Narang, senior response manager at security vendor Symantec.

Apple Pay's use of a one-time, unique number that's generated for transactions, coupled with the required use of a fingerprint to authenticate and authorize a purchase, will make even a successful attack of limited value to a hacker, Narang contends. "However, as with any new technology, this will undoubtedly attract interest from both white hat and black hat hackers," he says.

Apple's announcement of the incorporation of NFC technology in its mobile devices legitimizes the technology as the contactless platform for the foreseeable future, says Thad Peterson, a payments expert for the consultancy Aite Group. "Expect to see a rapid expansion of NFC-enabled payment terminals," he says.

Payment fraud expert Tom Wills says NFC available with other smart phones has failed to gain traction in the past year following several years of hype, so Apple Pay could serve as a major boost.

"The other strong feature is that Apple Pay is designed to work with both physical point-of-sale and e-commerce transactions via a single consumer wallet," Wills says. "This is a very credible move to change the payments landscape."

By bringing Apple into the NFC fold, he says, "we will quickly see contactless mobile payments achieve critical mass and, since it's a significantly more secure technology than card-based platforms, the risk of fraud should decline overall."

But it's not yet clear how secure the platform is for consumers, contends Curt Kwak, CIO at the Seattle-based surgical practice, Proliance Surgeons. "On the backend, I have no doubt that it's secure," he says. "But on the front end, is it truly secure enough to protect the people using it [as a] primary payment system? That's a question we can't answer. We don't know yet."

About the Author

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;